Nginx 链接安全模块与 php 问题?

Nginx 链接安全模块与 php 问题?

Nginx 配置

server {
listen  80;
server_name 173.249.40.xxx;

root /var/www/files.com/html;
index  index.html index.htm;

location / {        
    try_files $uri $uri/ =404;
}

location /securetest {
    alias /var/www/files.com/html;
    secure_link $arg_md5,$arg_expires;
    secure_link_md5 "$secure_link_expires$uri$remote_addr the_secret_key_configured_in_nginx";

    if ($secure_link = "") { return 403; }
    if ($secure_link = "0") { return 410; }    
}


error_page  500 502 503 504  /50x.html;
location = /50x.html {
    root  /usr/share/nginx/html;
 }
}

PHP 文件

function buildSecureLink($baseUrl, $path, $secret, $ttl, $userIp)
{
    $expires = time() + $ttl;
    $md5 = md5("$expires$path$userIp $secret", true);
    $md5 = base64_encode($md5);
    $md5 = strtr($md5, '+/', '-_');
    $md5 = str_replace('=', '', $md5);
    return $baseUrl . $path . '?md5=' . $md5 . '&expires=' . $expires;
}
$secret = 'the_secret_key_configured_in_nginx';
$baseUrl = 'http://173.249.40.xxx';
$path = '/securetest/'.$filename;
$ttl = 120; //no of seconds this link is active 
$userIp = '39.47.109.140';
$secure_Link_created = buildSecureLink($baseUrl, $path, $secret, $ttl, $userIp);
redirect($secure_Link_created);

问题是,当我写下确切的文件路径时,每个人都可以访问该文件,而我想要的是,该链接只能由我的网站访问。访问该文件的 URL 是什么?我也对此感到困惑。 http://173.249.40.xxx/nj_folder/myfile.zip 或者 http://173.249.40.xxx/securetest/myfile.zip

当我尝试使用 securetest URL 访问文件时,出现 404 错误。重定向代码也创建了链接,但对每个人都有效,并且具有准确的完整路径。http://173.249.40.xxx/nj_folder/myfile.zip?md5=NajZUYdhb5z6hXZ6O-9nKQ&expires=1522343848 完整路径应该被隐藏,我遗漏了什么?请详细解释一下。

谢谢

相关内容